connect with us

Why Attend LISA?

"This was my first LISA. It was great attending a conference that focused on my role without trying to shoehorn every challenge into a specific vendor's solution. The same mix of awesome sessions, speakers, and other attendees will bring me back every year."

LISA14 Attendee

"I like seeing where the industry is heading, how SysAdmins/engineers are evolving, tools they are using, common problems and solutions across the world."

LISA14 Attendee

"If you're a sysadmin slaving away in a metaphorical basement and re-inventing the wheel every time your employer's business goals change slightly, LISA will help pull you into the light."

Marc Chiarini, Long-Time IT Admin and Researcher, MarkLogic Corp

"LISA is the home of ops people who do ops correctly. I’m always motivated by the conference content and hallway conversations to be better, and I take home the knowledge needed to move closer to that goal. "

Tony Del Porto, Cisco Systems, Inc.

"LISA is the best mix of training, talks, and networking of any events I've been to. That's the reason I've been to 11 of them.”

LISA14 Attendee

"In a world where technology changes rapidly, it's hard to find great resources for in-depth expertise. LISA has a terrific combination of people who create the technology and people who implement it effectively for their companies."

Matt Simmons, Northeastern University

"No matter if you are dealing with the latest tech or trying to maintain something from the dark ages of the ‘90s, there are people at LISA who are experienced with it. Heck, many of the people who _developed_ this tech attend. This is a great place to get answers and ideas."

Lee Damon, University of Washington

"Great sessions, great presenters, great community. I feel like I can make up a year of following news and forums on the subject in a week."

connect with us

System administrators are required to access the privileged, or "super-user," interfaces of computing, networking, and storage resources they support. This low-level infrastructure underpins most of the security tools and features common today and is assumed to be secure. A malicious system administrator or malware on the system administrator's client system can silently subvert this computing infrastructure. In the case of cloud system administrators, unauthorized privileged access has the potential to cause grave damage to the cloud provider and their customers. In this paper, we describe Spyglass, a tool for managing, securing, and auditing administrator access to private or sensitive infrastructure networks by creating on-demand bastion hosts inside of Linux containers. These on-demand bastion containers differ from regular bastion hosts in that they are nonpersistent and last only for the duration of the administrator's access. Spyglass also captures command input and screen output of all administrator activities from outside the container, allowing monitoring of sensitive infrastructure and understanding of the actions of an adversary in the event of a compromise. Through our evaluation of Spyglass for remote network access, we show that it is more difficult to penetrate than existing solutions, does not introduce delays or major workflow changes, and increases the amount of tamper-resistant auditing information that is captured about a system administrator's access.

Open Access Media

USENIX is committed to Open Access to the research presented at our events. Papers and proceedings are freely available to everyone once the event begins. Any video, audio, and/or slides that are posted after the event are also free and open to everyone. Support USENIX and our commitment to Open Access.